Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/tYP3amkjKEVRutGBSyQm6AjZ9fg.roa
File: tYP3amkjKEVRutGBSyQm6AjZ9fg.roa (raw, json)
Hash identifier: 55wQjqWfUFuVWFpEsYGFWqELoWOprqINwtMXaNRcEMc=
Subject key identifier: B5:83:F7:6A:69:23:28:45:51:BA:D1:81:4B:24:26:E8:08:D9:F5:F8
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018D23F5DD13891072E41BCB5543F1E94639
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/tYP3amkjKEVRutGBSyQm6AjZ9fg.roa
Signing time: Fri 19 Jan 2024 23:02:11 +0000
ROA not before: Fri 19 Jan 2024 23:02:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.104.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 13:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:f5:dd:13:89:10:72:e4:1b:cb:55:43:f1:e9:46:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 19 23:02:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b583f76a6923284551bad1814b2426e808d9f5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cc:34:73:7a:e4:1c:39:ed:5b:59:76:0b:a1:
cb:9f:9b:06:d5:0c:81:32:52:73:2c:7f:38:28:16:
4e:a8:14:6e:c7:1a:e9:5d:bb:b9:63:c0:15:56:0e:
02:4d:dd:1a:a3:d5:e0:f1:ab:8c:1c:44:23:fd:e5:
7b:dc:9d:70:d8:94:6a:0c:ad:90:3e:a0:07:22:95:
f2:4c:c2:a7:3b:2d:2a:c4:b2:45:1b:7a:a4:0b:cb:
a7:93:6c:9d:f6:7c:cc:96:5f:64:27:59:dc:fe:ce:
c8:97:44:56:b2:63:8a:8d:20:90:4a:02:7a:4b:df:
7e:be:98:6e:a8:cb:c0:48:63:26:e0:18:9c:46:6c:
94:68:61:eb:14:d1:73:90:3b:5a:54:c2:30:76:c7:
dc:6d:24:4e:63:07:86:fa:36:00:cc:9c:a1:e3:a8:
7f:87:fb:57:79:c2:ec:2f:e9:a8:ba:3a:5e:8a:0a:
3f:13:05:8c:77:37:dd:00:fa:33:55:fe:65:29:6e:
7c:bc:19:03:85:c2:75:33:5f:f3:7c:db:c1:80:32:
8a:63:28:00:24:c7:82:58:d0:4e:7c:da:94:e1:f6:
dd:49:a5:1a:e2:85:2c:4f:1f:6c:b2:bd:f6:b3:26:
4a:89:fd:1e:1a:3a:57:3d:1c:80:30:eb:67:11:38:
07:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:83:F7:6A:69:23:28:45:51:BA:D1:81:4B:24:26:E8:08:D9:F5:F8
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/tYP3amkjKEVRutGBSyQm6AjZ9fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.104.0/24
185.100.168.0/24
185.100.171.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
52:2c:73:e6:4f:fb:49:9b:09:dd:d0:c3:b0:64:a4:65:1a:81:
31:a0:4c:e1:c2:f4:73:52:ed:fb:41:59:7f:a0:72:aa:4c:d9:
bd:3e:d0:c2:a5:c9:db:c9:38:cd:6d:ef:3d:28:02:30:d1:e6:
1d:84:0f:bc:6e:c0:5f:18:b1:12:31:51:d7:00:14:03:42:32:
36:aa:9e:07:f8:4d:a2:83:80:23:f4:ca:5c:de:e1:38:f5:d8:
5b:53:60:fc:2b:1d:66:c9:f4:dc:65:cb:ef:33:49:b4:39:d7:
8c:9c:4f:2c:02:f1:79:9a:9d:86:0d:48:a1:ba:30:f5:8f:7a:
4f:e6:0c:17:1e:a3:19:45:b7:68:b0:21:f4:c0:c5:d4:ea:ca:
ea:09:88:96:54:a2:58:aa:88:f2:14:96:3e:d7:fe:2f:c7:78:
c6:fb:6e:ec:8a:29:3c:b3:ed:69:4d:d7:8b:f6:4f:76:9d:d7:
e8:1e:fa:2b:dd:5f:42:ed:51:31:69:8f:d7:cc:ac:a2:f1:70:
a3:46:83:ca:8b:ea:02:60:3a:29:3c:51:34:73:a4:cb:a9:9a:
5e:de:bf:64:b4:22:10:88:27:db:26:00:9c:d8:61:48:9f:22:
bf:35:7c:5c:b6:1b:5f:e8:d7:22:0e:0c:82:6f:dd:78:1e:77:
88:41:0e:aa
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0j9d0TiRBy5BvLVUPx6UY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTE5MjMwMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTgzZjc2YTY5MjMyODQ1NTFiYWQxODE0YjI0MjZlODA4ZDlmNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMw0c3rkHDntW1l2C6HLn5sG1QyB
MlJzLH84KBZOqBRuxxrpXbu5Y8AVVg4CTd0ao9Xg8auMHEQj/eV73J1w2JRqDK2Q
PqAHIpXyTMKnOy0qxLJFG3qkC8unk2yd9nzMll9kJ1nc/s7Il0RWsmOKjSCQSgJ6
S99+vphuqMvASGMm4BicRmyUaGHrFNFzkDtaVMIwdsfcbSROYweG+jYAzJyh46h/
h/tXecLsL+moujpeigo/EwWMdzfdAPozVf5lKW58vBkDhcJ1M1/zfNvBgDKKYygA
JMeCWNBOfNqU4fbdSaUa4oUsTx9ssr32syZKif0eGjpXPRyAMOtnETgHgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLWD92ppIyhFUbrRgUskJugI2fX4MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdFlQM2Fta2pLRVZSdXRHQlN5UW02QWpaOWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALhRoAwQA
uWSoAwQAuWSrAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQELBQADggEB
AFIsc+ZP+0mbCd3Qw7BkpGUagTGgTOHC9HNS7ftBWX+gcqpM2b0+0MKlydvJOM1t
7z0oAjDR5h2ED7xuwF8YsRIxUdcAFANCMjaqngf4TaKDgCP0ylze4Tj12FtTYPwr
HWbJ9Nxly+8zSbQ514ycTywC8XmanYYNSKG6MPWPek/mDBceoxlFt2iwIfTAxdTq
yuoJiJZUoliqiPIUlj7X/i/HeMb7buyKKTyz7WlN14v2T3ad1+ge+ivdX0LtUTFp
j9fMrKLxcKNGg8qL6gJgOik8UTRzpMupml7ev2S0IhCIJ9smAJzYYUifIr81fFy2
G1/o1yIODIJv3Xged4hBDqo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:57 2025 by rpki-client